SHARE

Title: WPA Migration Mode: WEP is back to haunt you...
Presenters: Leandro Meiners & Diego Sor, Senior Security Consultants
Date and Time: July 28, 2010 at 10am
Location: Forum 24, Caesars Hotel, Las Vegas
Link to Event: http://www.blackhat.com

Overview:
Cisco access points support WPA migration mode, which enables both WPA and WEP clients to associate to an access point using the same Service Set Identifier (SSID). If WEP clients are still around, we can use the traditional WEP cracking arsenal against them. Therefore, we focused on analyzing the consequences of having this feature enabled when no WEP clients are present; for example after the migration to WPA has been carried out but this feature has been left enabled. We found that it is possible for an attacker to crack the WEP key under this scenario (i.e. no WEP clients). Once the key is recovered, it is possible to connect to the access point using this key (as it is operating in WPA migration mode) and access the network.

Learn more about our security testing software solutions.

• Corporate Overview

Latest Press Releases

• MODCOMP Forms Partnership with CORE Security to Provide Customers with Predictive Security Intelligence Solutions and Consulting Services

• CORE Impact Pro Automates Endpoint OS & Application Vulnerability Assessment and Penetration Testing

Latest In the News

• Adobe Patches Flash Player Bug as Hackers Attack IE for Windows

• Microsoft's 'Patch Tuesday' For May Approaches

Upcoming Webcasts

• Register for a live security testing webcast or watch archived webcasts

Upcoming Events

• Black Hat USA

• SANSFIRE

Press Contacts

Vaughn Harring
Core Security
(617) 645-4322
vharring@coresecurity.com

Lisa Mokaba
Inkhouse
781-966-4108
core@inkhouse.net